Comments

Hello Jouni, list
In response to thread "lib_wpa_client: making it thread safe?"
We would like to propose the following patch which adds a reference counter on wpa_ctrl. We are going to integrate this patch in the Intel Android tree.
The goal of this patch is to prevent a whole class crashes caused by freeing the wpa_ctrl while it's still in use by another thread.
e.g in Android, this is typically the case, many crashes are reported due to libhardware_legacy (wifi) usage of this library.
We had the following constraints in mind when writing the patch:
- This patch should not block any thread.
- This patch should not modify the lib API.
- This patch should not modify the wpa_ctrl structure.
- Modification are internal to the lib.
- This feature can be enabled/disabled with a C flag: CONFIG_CTRL_REF_COUNT
- This patch should fix the "issue" at lib level, avoiding implement workarounds at upper level
General principle:
- A wpa_ctrl resource cannot be freed if it still used by another thread.
- A wpa_ctrl resource will be freed when closed and no longer used.
- Prevent crashes If a lib function is used with an invalid/no longer valid wpa_ctrl identifier.
- Main original code modifications consist in calling 'get' and 'put' on wpa_ctrl.
We welcome any improvements you may have on this patch.
BR,
Loïc
From: Loic Poulain <loicx.poulain@intel.com>
This library provides a wpa_ctrl pointer to third parties. This pointer
is used as a context identifier. But third parties can use this library
asynchronously. So, if a third party closes a ctrl which is already used
by an other request (ex: wpa_ctrl_request), then this context will no longer
be valid, leading to a crash (NULL pointer dereference).
In order to avoid such issue, this patch implements an internal reference
counter so that a ctrl interface can be freed only if its reference counter
reaches 0. Moreover, if a third party tries to call a library function with
an invalid context/pointer, this function will handle this issue by returning
an error.
This patch is a first step to make this library thread safe.
Signed-hostap: Loic Poulain <loicx.poulain@intel.com>
Signed-hostap: Jean-Michel Bachot <jean-michel.bachot@intel.com>
Signed-hostap: Quentin Casasnovas <quentinx.casasnovas@intel.com>
---
src/common/wpa_ctrl.c | 215 ++++++++++++++++++++++++++++++++++++++++++++++--
1 files changed, 206 insertions(+), 9 deletions(-)